[Secure-testing-commits] r25207 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 14 17:58:57 UTC 2014
Author: carnil
Date: 2014-01-14 17:58:57 +0000 (Tue, 14 Jan 2014)
New Revision: 25207
Modified:
data/CVE/list
Log:
Process some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-14 17:33:52 UTC (rev 25206)
+++ data/CVE/list 2014-01-14 17:58:57 UTC (rev 25207)
@@ -464,33 +464,33 @@
[squeeze] - memcached 1.4.5-1+deb6u1
NOTE: https://github.com/memcached/memcached/commit/fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
CVE-2013-7289 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
- TODO: check
+ NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
CVE-2013-7287
RESERVED
CVE-2013-7286
RESERVED
CVE-2013-7283 (Race condition in the libreswan.spec files for Red Hat Enterprise ...)
- TODO: check
+ NOT-FOR-US: libreswan
CVE-2013-7282 (The management web interface on the Nisuta NS-WIR150NE router with ...)
- TODO: check
+ NOT-FOR-US: Nisuta NS-WIR150NE router
CVE-2013-7280 (Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier ...)
- TODO: check
+ NOT-FOR-US: HansoTools Hanso Player
CVE-2013-7279 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
CVE-2013-7278 (SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Naxtech CMS Afroditi
CVE-2013-7277 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
- TODO: check
+ NOT-FOR-US: Andy's PHP Knowledgebase (Aphpkb)
CVE-2013-7276 (Cross-site scripting (XSS) vulnerability in inc/raf_form.php in the ...)
TODO: check
CVE-2013-7275 (Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2013-7274 (Cross-site scripting (XSS) vulnerability in Wallpaper Script 3.5.0082 ...)
- TODO: check
+ NOT-FOR-US: Wallpaper Script
CVE-2013-7272
RESERVED
CVE-2010-5292 (Amberdms Billing System (ABS) before 1.4.1, when a multi-instance ...)
- TODO: check
+ NOT-FOR-US: Amberdms Billing System
CVE-2013-XXXX [drop privileges when effective uid != uid]
- dash <unfixed> (unimportant; bug #734869)
- bash <unfixed> (unimportant; bug #734866)
@@ -885,11 +885,11 @@
CVE-2014-0806
RESERVED
CVE-2014-0805 (Directory traversal vulnerability in the NeoFiler application 5.4.3 ...)
- TODO: check
+ NOT-FOR-US: NeoFiler
CVE-2014-0804 (Directory traversal vulnerability in the CGENE Security File Manager ...)
- TODO: check
+ NOT-FOR-US: CGENE Security File Manager
CVE-2014-0803 (Directory traversal vulnerability in the tetra filer application 2.3.1 ...)
- TODO: check
+ NOT-FOR-US: tetra filer application
CVE-2014-0802 (Directory traversal vulnerability in the aokitaka ZIP with Pass ...)
NOT-FOR-US: aokitaka ZIP with Pass
CVE-2014-0801
@@ -1247,17 +1247,17 @@
CVE-2014-0657 (The administration portal in Cisco Unified Communications Manager ...)
NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-0656 (Cisco Context Directory Agent (CDA) allows remote authenticated users ...)
- TODO: check
+ NOT-FOR-US: Cisco Context Directory Agent
CVE-2014-0655 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-0654 (Cisco Context Directory Agent (CDA) allows remote attackers to modify ...)
- TODO: check
+ NOT-FOR-US: Cisco Context Directory Agent
CVE-2014-0653 (The Identity Firewall (IDFW) functionality in Cisco Adaptive Security ...)
NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-0652 (Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco Context Directory Agent
CVE-2014-0651 (The administrative interface in Cisco Context Directory Agent (CDA) ...)
- TODO: check
+ NOT-FOR-US: Cisco Context Directory Agent
CVE-2014-0650
RESERVED
CVE-2014-0649
@@ -1318,9 +1318,9 @@
CVE-2014-0622
RESERVED
CVE-2014-0621 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Technicolor TC7200 STD6.01.12
CVE-2014-0620 (Multiple cross-site scripting (XSS) vulnerabilities in Technicolor ...)
- TODO: check
+ NOT-FOR-US: Technicolor TC7200 STD6.01.12
CVE-2014-0619
RESERVED
CVE-2014-0618 (Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R ...)
@@ -2787,7 +2787,7 @@
CVE-2013-6956 (Cross-site scripting (XSS) vulnerability in the Secure Access Service ...)
NOT-FOR-US: Juniper Junos Pulse Secure Access Service
CVE-2013-6955 (webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 ...)
- TODO: check
+ NOT-FOR-US: Synology DiskStation Manager
CVE-2013-6954 (The png_do_expand_palette function in libpng before 1.6.8 allows ...)
- libpng <not-affected> (Vulnerable code introduced in 1.6.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045561
@@ -5035,7 +5035,7 @@
CVE-2013-6335
RESERVED
CVE-2013-6334 (IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2013-6333
RESERVED
CVE-2013-6332
@@ -5696,7 +5696,7 @@
CVE-2013-6029 (Stack-based buffer overflow in the AT&T Connect Participant ...)
NOT-FOR-US: AT&T Connect Participant Application
CVE-2013-6028 (Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail ...)
- TODO: check
+ NOT-FOR-US: Atmail Webmail Server
CVE-2013-6027 (Stack-based buffer overflow in the RuntimeDiagnosticPing function in ...)
NOT-FOR-US: D-Link
CVE-2013-6026 (The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, ...)
@@ -7359,11 +7359,11 @@
CVE-2013-5360
RESERVED
CVE-2013-5359 (Stack-based buffer overflow in Picasa3.exe in Google Picasa before ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2013-5358 (Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2013-5357 (Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2013-5356
RESERVED
CVE-2013-5355 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
@@ -7379,7 +7379,7 @@
CVE-2013-5350
RESERVED
CVE-2013-5349 (Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build ...)
- TODO: check
+ NOT-FOR-US: Google Picasa
CVE-2013-5348
RESERVED
CVE-2013-5347
@@ -8080,11 +8080,11 @@
CVE-2013-5012
RESERVED
CVE-2013-5011 (Unquoted Windows search path vulnerability in the client in Symantec ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2013-5010 (The Application/Device Control (ADC) component in the client in ...)
NOT-FOR-US: Symantec Endpoint Protection
CVE-2013-5009 (The Management Console in Symantec Endpoint Protection (SEP) 11.x ...)
- TODO: check
+ NOT-FOR-US: Symantec Endpoint Protection
CVE-2013-5008 (The agent and task-agent components in Symantec Management Platform ...)
NOT-FOR-US: Symantec
CVE-2013-5007
More information about the Secure-testing-commits
mailing list